CVE-2002-2349

phpBBmod 1.3.3 - Exposure of Sensitive Information via phpinfo.php

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-2349. PoCs published by Roland Verlander.

AI-analyzed exploit summary This is a writeup describing an information disclosure vulnerability in phpBBmod 1.3.3 due to the presence of a sample script (phpinfo.php) that reveals sensitive environment details. The issue is trivial to exploit by accessing the script directly.

Description

phpinfo.php in phpBBmod 1.3.3 executes the phpinfo function, which allows remote attackers to obtain sensitive environment information.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Roland Verlander · textwebappsphp
https://www.exploit-db.com/exploits/21931

This is a writeup describing an information disclosure vulnerability in phpBBmod 1.3.3 due to the presence of a sample script (phpinfo.php) that reveals sensitive environment details. The issue is trivial to exploit by accessing the script directly.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: phpBBmod 1.3.3
No auth needed
Prerequisites: phpinfo.php script must be accessible
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory vdb-entry x_refsource_xf
http://www.iss.net/security_center/static/10335.php
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/5942
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/294701

Scores

EPSS 0.0249
EPSS Percentile 82.7%

Details

CWE
CWE-200
Status published
Products (1)
phpbb/phpbbmod 1.3.3
Published Dec 31, 2002
Tracked Since Feb 18, 2026